A computer virus called Orangeworm has recently spread across the healthcare sector and other industries. Orangeworm is known to gather valuable data with unknown motives, compromising personal information and network functions.

What is Orangeworm?

Orangeworm was first discovered in January 2015 and has launched attacks on organizations since. Hackers install the virus through a backdoor called Trojan.Kwampirs. The Kwampirs malware then copies itself over network shares and can infiltrate connected devices such as X-Ray and MRI machines.

Other industries, such as manufacturing, have also been Orangeworm victims, especially companies directly linked to healthcare businesses.

At this point, the virus seems to operate through large supply-chain attacks for corporate espionage.

The attacking group chooses its targets methodically and carefully plans its attacks.

How does this virus affect healthcare organizations?

As reported by Symantec, nearly 40% of Orangeworm victims are within the healthcare sector. Additionally, more attacks occur in the U.S. than in any other nation (17%).

Machines that aid patients with consent for required procedures are known Orangeworm targets. Also, older computer platforms, such as Windows XP, are more vulnerable to the Kwampirs malware.

Unfortunately, many healthcare organizations use outdated operating systems, which increases the likelihood of an Orangeworm attack.

What’s the best protection from Orangeworm?

Anti-virus products and updated systems and platforms are essential safeguards against Orangeworm. The most effective protection products are those with Intelligence Services or WebFilter enabled. Key product features should also include:

• Web Security Service (WSS)
• ProxySG
• Advanced Secure Gateway (ASG)
• Security Analytics
• Content Analysis
• Malware Analysis
• SSL Visibility
• PacketShaper

Again, the Orangeworm group’s motives remain unknown, but your company or organization should install protection as soon as possible. As a healthcare provider, your patients’ information must be strongly prioritized.